IN THE CLAIMS 



This listing of the claim will replace all prior versions and listings of claim in 



the present application. 
Listing of Claims 

1 . (currently amended)A security system design supporting method^ 
implemented in a security system design supporting tool including a processor which 
conducts processings on data stored in memory, for supporting designing of security 
requirements or security specifications based on an international security evaluation 
criteria during planning/designing of an information-related product or an information 
system, said method comprising the steps of: 

providing , in the memory, a template case database for storing mtematienatty 
registered protection profiles (PP)(PPs) that have been internationally registered or 
PP/STs PPs or STs (security targets) 7 that have been generated., and that have not 
been internationally registered, in a class-tree structure based on a- an inheritance 
relation between types of products or systems as a target of evaluation (TOE) of said 
FP/STs PPs or STs ; 

specifying , to the processor the P P/ST s PPs or STs related to the TOE by 
designating elements included in the products or systems, type and evaluation 
assurance level of the TOE x and retrieving a relevant class-tree structure from said 
database; and 



by integrally editing contents of a definition of the specified PP/STs PPs or STs, 




generating , by the processor, a PP/ST PP or ST draft of the TOE 



2 



wherein as to the generated PP/ST draft of the TOE, if the registered PPs or 
STs local PP matches PPs or STs retrieved from the database, the retrieved PPs or 
STs are used, and if there are no match, high-order PPs or STs among the 
generated PPs or STs are retrieved based on an inheritance relation to thereby 
partially add and correct the PPs/STs . 

Claims 2-22 (canceled). 

23. (new) The security system design supporting method according to 
claim 1 , wherein if the high-order PP among the generated PPs is not successful to 
match, the generated PP draft is registered in a local PP/ST tree structured 
database. 

24. (new) The security system design supporting method according to 
claim 1 , further comprising the steps of: 

indicating the PPs or STs stored in the template case database as icons by 
which the constituting elements, type and the evaluation assurance level can be 
identified; 

specifying the PPs or STs related to the TOE from the inheritance tree based 
on a reference PP or ST cases of the inheritance between the PPs or STs expressed 
in a tree; and 

producing a structure diagram of the TOE using the icons of said specified 
PPs or STs as constituting elements. 
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25. (new) The security system design supporting method according to 
claim 1 , further comprising the steps of: 

generating a rationale matrix indicating a matrix table each correspondence 
between the security environments, the security objectives, the security 
requirements and the summary specification as a part of the contents of a PP or ST 
definition from the security environment, the security objectives, the security 
requirements and the summary specification or the correspondence between them; 
and 

verifying the presence or absence of the definition information lacking the 
correspondence using said rationale matrix generated. 

26. (new) The security system design supporting method according to 
claim 23, further comprising the steps of: 

generating a rationale matrix indicating in a matrix table each correspondence 
between the security environments, the security objectives, the security 
requirements and the summary specification as a part of the contents of the PPs or 
STs definition from the security environment, the security objectives, the security 
requirements and the summary specification or the correspondence between them; 
and 

verifying the presence or absence of the definition information lacking the 
correspondence using said rationale matrix generated. 
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27. (new) A security system design supporting method according to claim 
24, further comprising the steps of: 

generating a rationale matrix indicating in a matrix table each correspondence 
between the security environments, the security objectives, the security 
requirements and the summary specification as a part of the contents of the PP or 
ST definition from the security environment, the security objectives, the security 
requirements and the summary specification or the correspondence between them; 
and 

verifying the presence or absence of the definition information lacking the 
correspondence using said rationale matrix generated. 

28. (new) The security system design supporting method according to 
claim 1 , further comprising the steps of: 

storing information newly added and the result of PP or ST generation in the 
process of PP or ST generation in accordance with the inheritance and 
correspondence in the template case database and the partial case database; and 

improving and expanding the information stored in the case database. 

29. (new) The security system design supporting method according to 
claim 1 , wherein the generated PP or ST can be evaluated in a PP or ST evaluation 
check list in the form of questions based on an international security evaluation 
method. 
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